<?php
	// Admin view: when the "admin" query parameter is present, load every user
	// record into $d_users (presumably rendered by the including page).
	// NOTE(review): no session or role check is visible before getAllUser();
	// confirm the including page restricts this listing to authorised accounts.
	if (isset($_GET['admin'])) {
		include_once 'class/user.php';

		$users = new User();
		$d_users = $users->getAllUser();
	}
	
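	// Admin action: ban the user whose id arrives in the "ban" query parameter,
	// then print an alert box and schedule a refresh back to the user list.
	// NOTE(review): this state change is triggered by a plain GET request and no
	// anti-CSRF token is checked here; moving it to POST with a per-session token
	// needs matching changes in the page that renders the ban link.
	if(isset($_GET['admin']) && isset($_GET['ban']))
	{
		include_once('class/user.php');
		$users= new User();
		// NOTE(review): $id is forwarded as received; confirm that
		// User::updateBanned() binds it as a query parameter.
		$id=$_GET['ban'];
		// Another handler in this file may already have opened the session.
		if(session_status() !== PHP_SESSION_ACTIVE)
		{
			session_start();
		}
		// Only a logged-in session with level 1 may ban. Both keys are tested
		// with isset() so a session without 'level' is refused without a notice.
		if(isset($_SESSION['login']) && isset($_SESSION['level']) && $_SESSION['level']==1)
		{
			$sukses=$users->updateBanned($id);
			// The refresh header must go out before the alert markup; once the
			// body has started, header() can no longer take effect.
			if(!headers_sent())
			{
				header ('refresh: 3; user_admin.php?admin');
			}
			if($sukses==1)
			{
				echo "<div class=\"alert\">
				<button type=\"button\" class=\"close\" data-dismiss=\"alert\">&times;</button>
				<strong>Peringatan!</strong> User Berhasil Di Banned.
				</div>";
			}
			else
			{
				echo "<div class=\"alert\">
				<button type=\"button\" class=\"close\" data-dismiss=\"alert\">&times;</button>
				<strong>Peringatan!</strong> Gagal Ban User.
				</div>";
			}
		}
		else
		{
			echo "<div class=\"alert\">
				<button type=\"button\" class=\"close\" data-dismiss=\"alert\">&times;</button>
				<strong>Peringatan!</strong> Anda Tidak Memiliki Wewenang.
				</div>";
		}
	}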
	
	
	
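	// Login handler: verifies the posted credentials through User::loginUser()
	// and, on success, stores the account id, level and username in the session.
	// On failure it sets $error_login and destroys the session.
	if(isset($_POST['login']))
	{
		// Another handler in this file may already have opened the session.
		if(session_status() !== PHP_SESSION_ACTIVE)
		{
			session_start();
		}
		include_once('class/user.php');
		$user = new User();
		// Missing or non-string fields (e.g. username[]=x) are treated as empty
		// so they hit the validation message instead of reaching the User class.
		$username=(isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
		$password=(isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
		
		if(empty($username) || empty($password))
		{
			$error_login="Username dan Password tidak boleh kosong";
			session_destroy();
		}
		else
		{
			$cek=$user->loginUser($username,$password);
			if($cek==1)
			{
				// Issue a fresh session id at the moment of authentication so an
				// id known before login cannot be reused afterwards (session
				// fixation). Existing session data, such as the cart, is kept.
				session_regenerate_id(true);
				$session=$user->getUser($username);
				foreach($session as $userSession)
				{
					$_SESSION['login']=$userSession['id'];
					$_SESSION['level']=$userSession['id_level'];
					if(isset($_SESSION['login']))
					{
						$_SESSION['username']=$userSession['username'];
						// Without a cart in the session the user goes to the
						// home page; with a cart the current page continues.
						if(!isset($_SESSION['keranjang']) && !headers_sent())
						{
							header("location: index.php");
							// Stop here so nothing else runs or is rendered
							// once the redirect has been issued.
							exit;
						}
					}
				}
			}
			else
			{
				$error_login="Login gagal, username atau password salah";
				session_destroy();
			}
		}	
		
	}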
	
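	// Registration handler: validates the posted fields, creates the account
	// through User::createUser() and logs the new user in by filling the session.
	// Validation problems are reported in $error_daftar, success in $success.
	if(isset($_POST['daftar']))
	{
		// Another handler in this file may already have opened the session.
		if(session_status() !== PHP_SESSION_ACTIVE)
		{
			session_start();
		}
		include_once('class/user.php');
		$user = new User();
		// Missing or non-string fields are treated as empty so they are caught
		// by the validation below instead of reaching the User class.
		$username=(isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
		$password=(isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
		$password2=(isset($_POST['password2']) && is_string($_POST['password2'])) ? $_POST['password2'] : '';
		
		if(empty($username) || empty($password))
		{
			$error_daftar="Semua field harus diisi";
			session_destroy();
		}
		elseif($password !== $password2)
		{
			$error_daftar="Verifikasi password berbeda";
			session_destroy();
		}
		else
		{
			$cek=$user->getUser($username);
			if($cek==0)
			{
				$daftar=$user->createUser($username,$password);
				// NOTE(review): when createUser() does not return 1 no message is
				// set, so the form gives no feedback; confirm that is intended.
				if($daftar==1)
				{
					// New id for the newly authenticated session, so an id known
					// before sign-up cannot be reused afterwards.
					session_regenerate_id(true);
					$session=$user->getUser($username);
					foreach($session as $userSession)
					{
						$_SESSION['login']=$userSession['id'];
						$_SESSION['level']=$userSession['id_level'];
						if(isset($_SESSION['login']))
						{
							$_SESSION['username']=$userSession['username'];
							$success="Anda Sudah Terdaftar sebagai Anggota, Silahkan lengkapi biodata dan berbelanja";
						}
					}
				}
			}
			else
			{
				// The message carries HTML (<b>), so the submitted username is
				// escaped before it is embedded; otherwise markup in the field
				// would be rendered by the page that prints $error_daftar.
				$error_daftar="User dengan username <b>".htmlspecialchars($username, ENT_QUOTES, 'UTF-8')."</b> sudah ada";
				session_destroy();
			}
		}
		
	}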
	
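	// Change-password handler: checks the old password against the stored digest
	// and, when it matches, stores the new password through User::updateuser().
	// The outcome is reported in $success or $error.
	// NOTE(review): the stored credential is compared against an unsalted MD5
	// digest. Moving to password_hash()/password_verify() needs matching changes
	// in the User class, which is not visible here.
	if(isset($_POST['ubah_pass']))
	{
		// Another handler in this file may already have opened the session.
		if(session_status() !== PHP_SESSION_ACTIVE)
		{
			session_start();
		}
		include_once('class/user.php');
		$user = new User();
		// A request without a logged-in session yields null here and is refused
		// below before any lookup or update happens.
		$id=isset($_SESSION['login']) ? $_SESSION['login'] : null;
		$username=isset($_SESSION['username']) ? $_SESSION['username'] : null;
		// Missing or non-string fields are treated as empty.
		$password_lama=(isset($_POST['password_lama']) && is_string($_POST['password_lama'])) ? $_POST['password_lama'] : '';
		$password_baru=(isset($_POST['password_baru']) && is_string($_POST['password_baru'])) ? $_POST['password_baru'] : '';
		$password_baru2=(isset($_POST['password_baru2']) && is_string($_POST['password_baru2'])) ? $_POST['password_baru2'] : '';
		$password_lama_md5=md5($password_lama);
		
		if(empty($password_lama) || empty($password_baru) || empty($password_baru2))
		{
			$error="Password harus diisi semua";
		}
		elseif($password_baru !== $password_baru2)
		{
			$error="Verifikasi password berbeda";
		}
		else
		{
			// No session identity means there is no account to look up.
			if($id === null || $username === null)
			{
				$cek=0;
			}
			else
			{
				$cek=$user->getUser($username);
			}
			if($cek!=0)
			{
				// Stays null when the lookup yields no rows, which is then
				// handled as a mismatch.
				$password=null;
				foreach($cek as $data)
				{
					$password=$data['password'];
				}
				// hash_equals() compares the digests as exact strings in
				// constant time. With "==", two different digests that both
				// look like numbers (e.g. "0e" followed by digits) compare
				// equal, so a wrong old password could be accepted.
				if($password !== null && hash_equals((string)$password, $password_lama_md5))
				{
					$update=$user->updateuser($id, $password_baru);
					if($update == 1)
					{
						$success="Password Anda berhasil dirubah";
					}
					else
					{
						$error="Password Anda gagal dirubah";
					}
				}
				else
				{
					$error="Password Lama yang Anda masukkan tidak sama";
				}
					
			}
			else
			{
				$error="Username tidak ada";
			}
		}
		
	}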

?>